This research evaluates methods to detect and remove indirect prompt injection attacks that manipulate large language models by inserting malicious instructions.

• Analyzes effectiveness of current detection mechanisms against sophisticated prompt injection attacks
• Identifies vulnerabilities in existing detection systems
• Proposes improved methods for removing malicious instructions while preserving legitimate content
• Demonstrates practical defense strategies for real-world LLM applications

As LLMs become more integrated into critical systems, these security measures are essential for preventing attackers from exploiting instruction-following capabilities to execute unauthorized commands.

Can Indirect Prompt Injection Attacks Be Detected and Removed?